Workplace Cybersecurity Is Everyone’s Responsibility

The cyberthreat landscape is changing. An increasing number of cyberattacks are executed using sophisticated tactics. Earlier this year, SonicWall warned that malware volume increased 102 percent in the first half of 2018 compared to that of 2017.

The report also notes a significant increase in cyberattacks that leverage new variants of malware, including ransomware and encrypted threats. Further, attacks are becoming highly targeted; for example, baseStriker and PhishPoint target Office 365 users.

Attackers are evolving to take advantage of workplace technology trends, including the cloud and BYOD. These trends empower workforces to be mobile and productive as demanded by today’s 24/7 hyper-connected reality. Unfortunately, these behavior changes are significantly expanding the attack surface area for cybercriminals to exploit.

Today, network security means more than just safeguarding data, applications and infrastructure. Employees are not only resources that need protection; they can be either weaknesses or valuable assets in building a stronger cybersecurity posture.

It is, of course, essential for organizations to have necessary security in place to monitor and protect attack surface areas. But no security product can be a silver bullet to stop all cyberattacks. It is necessary to educate and empower the last and most crucial line of defense: your employees.

Build a Culture of Cybersecurity Awareness

Employees are a key resource for an organization. While driving revenue is the primary objective, safeguarding the organization must also become one of the main responsibilities for employees. With the right frameworks and security awareness training programs in place, they can also be an effective layer of defense — a human firewall.

By extending these responsibilities to all employees, organizations can prevent sophisticated cyberattacks, saving the organization from financial, legal and reputation damages.

Cybersecurity awareness and training programs must cover what employees must be aware of, what they need to watch out for, what best practices should be leveraged and how to follow them. Reporting security incidents must also be easy. These programs must be delivered efficiently, be measured and be easy to use.

Since the cyber threat landscape is evolving, the “human firewall” needs continuous signature/intelligence updates in terms of the new threats and how to identify and stop them. This is modern cybersecurity awareness.

Stop the No. 1 Cyberattack Vector: Email

But cybercriminals also know to target the human element to execute attacks. Email is the No. 1 threat vector used by cybercriminals today; more than 90 percent of attacks start with a phishing campaign.

Modern phishing tactics can trick even the savviest users. Attacks that use fake login pages, impersonation and business email compromise (BEC) are difficult to detect and block as these emails do not contain malware.

Organizations would benefit from taking a human-centric approach to email security and include user training and awareness to spot and avoid clicking on phishing email threats. Organizations should train employees to:

  • Embrace security as one of their key responsibilities.
  • Treat any suspicious email with caution.
  • Look at domain names from suspicious emails.
  • Exercise extra caution if an email is from a free, web-based account.
  • Check for spelling mistakes and grammatical errors.
  • Beware of sudden changes in business practices. For example, email requests for transfers of funds.
  • Review the signature and legitimacy of the request.
  • Confirm requests for transfers of funds or confidential information, such as W-2 records.
  • Do not use the “Reply” option to respond to any business emails. Instead, use the “Forward” option and either type in the correct email address or select it from the email address book to ensure the intended recipient’s correct email address is used.

Spot Sophisticated Phishing Attacks

Want to brush up on your ability to spot a phishing attack? Take SonicWall’s quick Phishing IQ test or download our exclusive brief, “How to Stop Email Spoofing.”

Monitor and Manage Shadow IT

According to Gartner, by 2020 one-third of security breaches will be the result of shadow IT. The ease of SaaS adoption and deployment leads to the following problems:

  • Losing control over sensitive corporate data traversing through public or hybrid clouds and data centers introduces new risks such as unauthorized access, malware propagation, data leakage and non-compliance.
  • Balancing security budgets, shadow IT practices and employee productivity.

To address the above challenges, IT administrators need Cloud Access Security Broker (CASB) solutions to provide visibility for what applications are being used and where. This will help them better understand the overall risk posture.

To mitigate the risks of shadow IT and embrace productivity, organizations and employees must share an understanding of what constitutes a legitimate application allowed for official use. Employees must be trained to use judgement so that they do not upload sensitive or confidential data into cloud-based applications.

Protect Endpoints, Especially When Outside the Perimeter

Workforces today rely on the same device for business and personal use, resulting in intermingling of business and personal data and applications. This creates an increased risk of security breaches for organizations, including:

  • Unauthorized users gaining access to company data and applications
  • Malware-infected devices acting as conduits to infect company systems
  • Interception of company data in transit on unsecured public Wi-Fi networks
  • Compliance with audit and regulatory requirements
  • Loss of business data stored on devices if rogue personal apps or unauthorized users gain access to data

To ensure proper safety, employees must be educated on the risks an endpoint poses to an organization, especially when those devices are frequently used from home, mobile or public networks. This can start with the basics such as:

  • Lock mobile devices when not in use.
  • Don’t use USB drives you don’t trust.
  • Update all software, operating systems and malware signatures.
  • Use secure VPN connections when accessing corporate resources over unsecured networks.
  • Install next-generation anti-virus (NGAV) to stop the latest threats.

Cybersecurity: Our Shared Responsibility

As cyberattacks evolve, organizations need to take a human-centric approach to security. Cybersecurity is everyone’s job. It’s a shared responsibility. It’s critical that structures, guidelines and processes are in place so that employees care about, and take responsibility for, remaining safe online while at work.

Organizations will greatly benefit by incorporating user awareness and training programs to educate and empower employees who will form a critical line of defense. Cybersecurity is never finished. Make it core to company culture.


About Cybersecurity Awareness Month

The 15th annual National Cybersecurity Awareness Month (NCSAM) highlights user awareness among consumers, students/academia and business. NCSAM 2018 addresses specific challenges and identifies opportunities for behavioral change. It aims to remind everyone that protecting the internet is “Our Shared Responsibility.”

In addition, NCSAM 2018 will shine a spotlight on the critical need to build a strong, cyber secure workforce to help ensure families, communities, businesses and the country’s infrastructure are better protected through four key themes:

  • Oct. 1-5: Make Your Home a Haven for Online Safety
  • Oct. 8-12: Millions of Rewarding Jobs: Educating for a Career in Cybersecurity
  • Oct. 15-19: It’s Everyone’s Job to Ensure Online Safety at Work
  • Oct. 22-26: Safeguarding the Nation’s Critical Infrastructure

Learn more at StaySafeOnline.org.

Protecting Your MSSP Reputation with Behavior-Based Security

You’ve been here before. Your customer gets hit by a cyberattack and they ask, “Why did this happen? Shouldn’t your managed security service have protected us?”

Unless you give them a satisfactory answer, they may be shopping for a new partner. Over the past few years, I’ve heard several MSSPs having to explain to their customers that the malware or ransomware attack could not be stopped because they didn’t possess the technology that could mitigate new attacks.

Don’t put yourself in a situation where you can’t properly safeguard your customers — even against new or unknown attacks. To protect both your customers and your reputation against the latest threats, you need to deploy behavior-based security solutions that can better future-proof your customer environment.

The Logistics of Threat Prevention

When talking with people about threat prevention I ask, “How many new forms of malware do you think SonicWall detected last year?”

I usually hear answers in the thousands. The real answer? 56 million new forms or variants of malware in a single year. That’s more than 150,000 a day. Every day, security companies like SonicWall have teams of people creating signatures to help build in protections, but this takes time. Despite the industry’s best effort, static forms of threat elimination are limited.

Layering Security Across Customer Environments

MSSPs understand the importance of selling perimeter security, such as firewalls and email security, to scrub out most threats. These solutions will cover roughly 94-98 percent of threats. But for the smaller percentage of threats that are no less devastating, this is where behavior-based solutions come into play.

On each edge-facing firewall and email security service you need to have a network sandbox, which is an isolated environment where files can be tested to understand their intended purpose or motive. For example, the SonicWall Capture Advanced Threat Protection (ATP) sandbox is an isolated environment that is designed to run suspicious files in parallel through multiple engines to resist evasive malware. With the ability to block a file until a verdict has been reached, you can ensure that you will deliver highly vetted and clean traffic to end users.

Endpoints require a form of security that continuously monitors the system for malicious behavior because they roam outside the network perimeter and encounter fileless threats that come from vectors like malvertising.

SonicWall’s endpoint security solution (called Capture Client) only uses roughly 1 percent of the CPU’s processing power on a standard laptop. It can stop attacks before they happen as well as halt attacks as they execute. MSSPs love the ability to prevent dynamic attacks but also roll them back (on Windows only) in case they do initiate.

Behavior-based Security in Action

The power of behavior-based security was clear with the initial WannaCry attack in 2017. It was made famous when 16 NHS hospitals in the UK were shut down due to this viral ransomware attack. These sites were protected by a competitor whose CEO had to explain himself and apologize on national television.

The sites protected by SonicWall were up and running and helped pick up the slack when the others went down. Three weeks before the attack, SonicWall put protections in place that prevented Version 1 of WannaCry and its SMB vulnerability exploit from working.

But it was the behavior-based security controls that helped to identify and stop all the subsequent versions that came after. This same pattern emerged again with the NotPetya and SamSam ransomware attacks; static defenses followed by proactive dynamic defenses.

Furthermore, SonicWall’s reporting enables MSSPs to be alerted when something has been stopped. SonicWall Capture Client attack visualization gives administrators a view of where the threat came from and what it wanted to do on the endpoint.

This approach gives our customers — and MSSPs powered by SonicWall — the ability to protect against threats detected by SonicWall. But this strategy also protects against attacks that shift and change to bypass safeguards. By doing our best to build protections in a timely manner, as well as providing technology that detects and stops unknown attacks, we protect your customer as well as your reputation.


This story originally appeared on MSSP Alert and was republished with permission.

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

“A leader has to be passionate about their work be able to motivate their teams to be equally passionate” With Bill Conner – Authority Magazine

  • Bill Conner, CEO of SonicWall, is interviewed about his career, from his days loading shipping containers all the way to his current role.

Cryptomining Malware Steals Fortnite Gamers’ Bitcoins and Personal Data – SC Magazine (UK)

  • As malware continues to target Fortnite players, SonicWall’s Lawrence Pingree talks about the probable future of kinetic ransomware.

Chart of the Day: Google Plus Never Got off the Ground – Real Money

  • SonicWall CEO Bill Conner weighs in with his thoughts on the importance, or not, of the Google Plus breach.

Cyber Security News

Pentagon Struggling to Meet Cyber Challenges, as Modern Warfare Goes High Tech – The Washington Times

  • The Pentagon wants to avoid another “Beast of Kandahar” situation but is struggling to keep its cybersecurity stronger than its attackers.

New Evidence of Hacked Supermicro Hardware Found in U.S. Telecom – Bloomberg

  • Accusations that China are inserting spying chips into US companies’ hardware are still being made and are spreading to other companies.

Medtronic Disables Pacemaker Programmer Updates Over Hack Concern – Reuters

  • There have been no documented reports of the vulnerability being exploited but the company is taking no chances with people’s hearts.

Vietnam Cyber Law Set for Tough Enforcement Despite Google, Facebook Pleas – Reuters

  • Companies will be required to store a wide range of user data and set up offices inside the country.

Heathrow Airport Fined £120,000 Over USB Data Breach Debacle – ZDNet

  • A memory stick with unencrypted private data of airport employees was found by a member of public last year.

Payment-Card-Skimming Magecart Strikes Again: Zero out of Five for Infecting E-Retail Sites – The Register (UK)

  • The British Airways and Ticketmaster attacking toolkit Magecart isn’t going away, this time turning up in a plugin called Shopper Approved that is used by hundreds of e-commerce sites.

This Cryptojacking Mining Malware Pretends to Be a Flash Update – ZDNet

  • The much-maligned Flash software now has the added problem of an imposter program that uses a victim’s computer to mine for the Monero cryptocurrency.

In Case You Missed It

12 Smart Reasons to Upgrade to SonicWall Secure Mobile Access (SMA)

The modern mobile or remote workforce is one of a business’s most valuable resources. Ensuring users have fast and secure anytime, anywhere access to applications, services and networks is a business-critical function.

For many years, the SonicWall Secure Remote Access (SRA) solution was the workhorse for distributed or remote personnel across the world. But technology moves fast. Today’s business environment has more users, applications and services than ever before. Satisfying this need requires a secure, high-performance remote access solution.

That’s why SonicWall introduced Secure Mobile Access (SMA), a unified secure access gateway that enables organizations to provide anytime, anywhere and any device access to any application. More memory. More users. More throughput.

The solution’s granular access control policy engine, context-aware device authorization, application-level VPN and advanced authentication with single sign-on enable organizations to move to the cloud with ease, and embrace BYOD and mobility in a hybrid IT environment.

Explore the top 12 reasons organizations are upgrading to SonicWall SMA to deliver the speed, security and user experiences their mobile workforces require.

Shrink Budgets by Going Virtual

Virtualizing your infrastructure provides many benefits, while significantly improving performance needed for today’s secure mobility. Improvements include enhanced scalability and flexibility, reduction in downtime, minimized upfront investment and lower maintenance costs.

Why upgrade: SMA 8200v is a powerful virtual appliance with a quad-core processor and 8 Gb RAM. It delivers high-performance secure remote access — all at a fraction of the cost of a physical appliance.

Go Faster

Having both more and faster processing cores enables SMA to encrypt data in motion with lower latency. The end result is a faster, high-performance experience for end users.

Why upgrade: The SMA series has quad core processors that run at up to 1.8 times the speed of those on the SRA series (single core on EX6000 and dual core on EX7000).

Increase Your Throughput

While speed is important, the ultimate goal is to deliver a seamless user experience. By increasing throughput, you promote better productivity with fast and secure access to mission-critical cloud and on-premises applications.

Why upgrade: SMA appliances have up to 15 times the SSL-VPN throughput of the SRA EX series (1.58 Gbps/400 Mbps/3.75 Gbps vs. 106 Mbps/550 Mbps).

Serve More Concurrent Users

The mobile workforce has matured quickly in the past decade. Businesses are serving more remote users than ever before — and usually at the same time. Having a higher number of concurrent user sessions provides greater scalability by enabling more simultaneous user sessions to be active and tracked by firewalls.

Why upgrade: The SMA series offers more scalability from a single appliance for larger numbers of concurrent user sessions compared to the SRA series.

Get More High-Speed Ports

Today’s applications and cloud services are bandwidth hogs. Whether users are accessing sales data from a SaaS application or streaming a video presentation, organizations need the throughput to support bandwidth-intensive applications and high-speed data transfers.

Why upgrade: SMA 8200v supports 2 10-GbE ports and SMA 7200 includes 2 10-GbE ports out of the box.

Keep Features, Firmware Current

One of the most important best practices to defend against cyberattack or unknown threats is to always keep patches current. This habit also ensures you’re getting the latest feature updates to take advantage of new capabilities that help reduce costs while embracing trends such as BYOD, mobility and cloud.

Why upgrade: Every SMA firmware version is packed with new features. For example, SMA OS 12.1 is the current recommended firmware that provides advanced features, such as:

  • Federated Single Sign-On (SSO)
  • Face ID AUTH Support
  • Centralized Access Portal for Hybrid IT
  • File-Scanning via SonicWall Capture ATP Sandbox Service

Retain Support, Warranty for Hardware

Delivering secure remote access is a critical IT function that reduces attack surface for cybercriminals. It is imperative that the solution is always fully supported and has a best-in-class warranty — should the need arise.

Why upgrade: The SRA series is approaching End of Life (EOL) and the appliances will not be supported beyond November 2019.

Centralize Management & Reporting

Management and technology oversight are significant cost centers for businesses. By centralizing management and reporting, and automating routine tasks, organizations can drastically reduce administrative overhead. That’s time better spent on core business or security objectives.

Why upgrade: SonicWall Central Management Server (CMS) provides organizations with a single administrative user interface for reporting and management of all SMA appliances. This even includes SSL certificate management and policy roll-outs.

Enhance Resilience & Availability

Downtime happens. But organizations do their best to ensure business continuity and scalability, not to mention that service-level agreements are being met. Service providers vastly improve Quality of Service (QoS) and workforce productivity by being proactive in this area.

Why upgrade: Appliances managed by CMS can be configured as Active/Active or Active/Standby high-availability (HA) clusters for redundancy, availability and reliability. The solution includes Global Traffic Optimizer (GTO) for intelligent load-balancing and universal session persistence in case of failovers.

Store Critical Information with Onboard Memory

While much storage today is outsourced to clouds or servers, having large onboard modules is still a key capability. It allows for the local storage of logs, reports, file transfer inspection, firmware backups and restores, and more.

Why upgrade: The SMA 6200 and 7200 offer storage modules that have 12.5 times the capacity of the SRA series (2 x 500 GB vs. 80 GB).

Reduce Costs by Maximizing Global Usage

Organizations with appliances that are globally distributed can benefit from the fluctuating demands for user licenses due to time differences from off‐work/night hours.

Why upgrade: User licenses no longer need to be applied to individual SMA appliances. With central user licensing, CMS reallocates licenses to managed SMA appliances based on usage.

About SonicWall SMA

SMA is an advanced access security gateway that offers secure access to network and cloud resources from any device. SMA provides centralized, granular, policy-based enforcement of remote and mobile access to any corporate resource delivered using a hardened Linux-based appliance. Available as hardened physical appliances or powerful virtual appliances, SMA fits seamlessly into any existing IT infrastructure.

How to Stop Malware-Created Backdoors

Hackers have been placing backdoors into systems for years for a variety of purposes. We have all read the stories about backdoors being installed in retailers to siphon payment card information: a PCI DSS and reputation nightmare.

Backdoors also have been deployed in government and higher education institutions to gather intellectual property, such as defense and trade secrets. Medical institutions pay out settlements due to HIPAA violations caused by these forms of malware every year.

A perfect example of backdoor-creating malware is Calisto. This backdoor trojan is designed for macOS (many executives use Macs) and attempts to install itself in different folders until it finds a home and then enables accessibility authorization.

If this can be accomplished, it will open a backdoor to the hacker to control the entire system. In most cases, this malware fails (due to protections placed on new Macs) but can leave behind system vulnerabilities.

So, how do you stop such an aggressive form of malware? It’s important to know that not all trojans are alike.

Some will create a customized payload every time they land on a new system to avoid future attacks being blocked by signatures. SonicWall stops known backdoors on our next-generation firewalls (NGFW) and can test and find new versions of backdoor malware with the Capture Advanced Threat Protection (ATP) sandbox service.

But for threats that land on the endpoint, the key is using advanced artificial intelligence (AI) that can detect the malware’s presence on the endpoint. Does it try to bypass antivirus? Does it embed itself in a directory it shouldn’t? Does it attempt to download something from a command and control (C&C) server? These are just some of the ways Calisto can be identified.

To properly stop Calisto and other backdoor-building malware, download the exclusive tech brief: Protecting macOS Endpoints from Calisto. The brief will explore:

  • Origin of Calisto
  • Why SIP enablement is not enough
  • How the malware delivers its payload
  • Secondary steps the malware will take to ensure execution
  • Proven solutions for stopping Calisto

 

Tips for Getting a Job in Cybersecurity

It’s been a much-publicized issue for years: the cybersecurity skills gap. Not enough talented security pros. Way too many critical cybersecurity jobs. It’s becoming such a challenge, it’s even part of the U.S. government’s new National Cyber Strategy.

“The Administration will work with the Congress to promote and reinvigorate educational and training opportunities to develop a robust cybersecurity workforce,” the official strategy document notes. “This includes expanding Federal recruitment, training, re-skilling people from a broad range of backgrounds, and giving them opportunities to re-train into cybersecurity careers.”

The perplexing fact of this challenge is that it’s not always clear how to get a job in the cybersecurity field. Want to become an electrician? Go to trade school. Want to become a doctor? Attend medical school. A lawyer? Study hard and pass the bar exam.

But pursuing a future in cybersecurity isn’t always as straightforward, particularly for those new to the field. There are many paths to take, but it’s often fraught with complexity and uncertainty.

A Critical Problem: Not Enough Cybersecurity Talent

As of March 2018, there were more than 300,000 unfilled cybersecurity jobs in the U.S. alone. California, Texas and Virginia represented the top geographies for open cybersecurity roles.

This skills gap is predicted to widen to 3.5 million jobs by 2021, a major supply-and-demand challenge for one of the most critical threat landscapes. The growing disparity opens the door for all types of job-seekers: entry-level candidates, seasoned professionals, career-changers and executives alike.

“The demand for cybersecurity professionals is accelerating at such a pace that we can’t hire qualified and experienced talent fast enough,” said SonicWall Global Human Resources Director Bryce Ashcraft. “These are exciting, highly rewarding career fields, so it represents amazing opportunity for individuals interested in computer science, information technology, threat analysis and forensics — the list goes on and on.”

The Call for More Women in Cybersecurity

One of the many reasons for the cybersecurity skills gap is the gender disproportion in the industry. Data from the last few years estimated that women comprised 11 percent of the cyber workforce. One new source states that women represent 20 percent of the field — a stark improvement. But more change is still needed.

This issue was never more apparent than at RSA, North America’s largest cybersecurity conference hosted annually in San Francisco. Organizers of RSA 2018 actually came under fire for the lack of female panelists and speakers for the event, a story which was documented by SonicWall in, “The Shortest Line at RSA Conference 2018: Where are all the Women?”

Fortunately, pro-women organizations are growing quickly. Events, conferences and scholarships have been created across the world to empower women to prepare for careers in cybersecurity.

Organizations

  • WiCyS Women in CyberSecurity
  • Women in Security and Privacy
  • National Center for Women & Information Technology
  • SWE – Society of Women Engineers
  • She Secures
  • Women in Defense (WID)
  • Women’s Security Society (WSS)

Conferences & Events

  • WiCyS Women in CyberSecurity
  • Grace Hopper Celebration
  • OURSA – Our Security Advocates

Scholarships

  • Raytheon’s Women Cyber Security Scholarship Program
  • (ISC)² Women’s CyberSecurity Scholarships
  • Scholarship for Women Studying Information Security

Why Veterans Are Ideal Cybersecurity Pros

Many cybersecurity vendors are tapping into a different resource: military veterans. Highly skilled and easily trained, veterans are key to helping close the cybersecurity skills gap.

Better yet, they have unique skills that aren’t always easy to find in civilian sectors. Many veterans possess the right characteristics for working in high-pressure situations, such as a real-time security operations center (SOC).

“Efficient security operations teams operate in what’s called a ‘high-op tempo’ environment,” said Wayne Reynolds, an 18-year veteran of the United States Marine Corps and current CISO of Armor, a cloud security MSSP. “Veterans live this every day they are deployed.

“Most veterans I know operate extremely well in high-stress situations. In security, as you are combatting threats, you need to keep a cool, calm view of the situation. Veterans do this extremely well.”

In some unique cases, veterans may also possess valuable security clearances that could make them attractive to companies that operate in state and federal arenas, or in matters of government or industry compliance.

If you’re not a veteran, the military is an attractive option to gain hands-on, real-world experience in related fields. Acquired skills will be highly marketable when you transition back to civilian roles.

Resources for Military Cyber Careers

Your Cybersecurity Career: How to Get Started

More than 768,000 people are employed in cybersecurity in the U.S. But hundreds of thousands of jobs remain unfilled.

Top Cybersecurity Job Titles

  • Cybersecurity Engineer
  • Cybersecurity Analyst
  • Network Engineer/Architect
  • Cybersecurity Manager/Administrator
  • Systems Engineer
  • Software Developer/Engineer
  • Vulnerability Analyst/Penetration Tester
  • Systems Administrator
  • IT Auditor

Source: CyberSeek.org

Cybersecurity represents a lucrative career path for those interested in technology, computer science, engineering, network and cloud architecture, IT management, software development, threat intelligence and cyberattack forensics.

While salaries are largely dependent on skill set, experience, industry and region, cybersecurity pay can easily exceed $200,000 (USD) per year. This is particularly achievable when professionals begin directing full SOCs or move into executive positions, like chief security officer (CSO) or chief information security officer (CISO).

But there are opportunities for many professionals, particularly those who are trainable and adept at solving problems.

“I look for two things in all candidates. First, inquisitiveness. Good security folks are big problem-solvers and are always curious,” said Reynolds. “Second, modesty. If you have an inquisitive person who is modest, you can teach them anything.”

Common Cybersecurity Career Paths

Source: CyberSeek.org

Three of the most common ways of pursuing a career in cybersecurity include formal education, certifications and, as outlined above, military service. Not every path is suited for every personality. It’s important to find a program that works for you, but be sure it includes applicable, hands-on experience as well as job-placement programs.

Cybersecurity Certification

Certifications are a common, cost-effective approach to building cybersecurity acumen. SonicWall offers an extensive training curriculum path for security experts seeking to enhance their knowledge and maximize their investment in SonicWall network security products. This practice is common for security vendors committed to training cybersecurity professionals. SonicWall’s primary certification programs are:

But certifications — CISSP, CISM, CISA, ISSA, ISACA, (ISC)², Security+, Certified Ethical Hacker, CSSP, SNSA and the like — only tell part of the story. While they demonstrate a willingness to train, many cybersecurity recruiters want to know that what has been learned can be applied to the job.

“I worry less about education and tend to stay away from folks that list a plethora of certifications,” said Reynolds. “But if I see someone with an advanced degree or multiple years in the field, I take a look. The ability to practically apply education is critical.”

Cybersecurity Education

Universities and institutions of higher learning now offer dedicated cybersecurity curricula. For example, CyberDegrees offers an online resource that outlines top degree paths, sample coursework and tools for finding cybersecurity programs in 44 states.

“Similar to most undergraduate programs, online cybersecurity degrees typically require students to complete 120 to 126 credits,” notes U.S. News & World Report. “While there are accelerated programs, full-time students usually graduate within four years.”

Training & Educational Resources

Various government, private and non-profit organizations provide complimentary tools and resources to aid individuals in training for cybersecurity jobs. If you’re just starting your path toward a cybersecurity career or looking for a career change, leverage the below sites to help guide your path.

About Cybersecurity Awareness Month

The 15th annual National Cybersecurity Awareness Month (NCSAM) highlights user awareness among consumers, students/academia and business. NCSAM 2018 addresses specific challenges and identifies opportunities for behavioral change. It aims to remind everyone that protecting the internet is “Our Shared Responsibility.”

In addition, NCSAM 2018 will shine a spotlight on the critical need to build a strong, cyber secure workforce to help ensure families, communities, businesses and the country’s infrastructure are better protected through four key themes:

  • Oct. 1-5: Make Your Home a Haven for Online Safety
  • Oct. 8-12: Millions of Rewarding Jobs: Educating for a Career in Cybersecurity
  • Oct. 15-19: It’s Everyone’s Job to Ensure Online Safety at Work
  • Oct. 22-26: Safeguarding the Nation’s Critical Infrastructure

Learn more at StaySafeOnline.org.

Cyber Security News & Trends

Each week, SonicWall collects the cyber security industry’s most compelling, trending and important interviews, media and news stories — just for you.


SonicWall Spotlight

Facebook Hack: People’s Accounts Appear for Sale on Dark Web – The Independent (UK)

  • SonicWall CEO Bill Conner shares his thoughts on the fallout from the recent Facebook hack.

The A-Z of Security Threats 2018 – ITPro

  • SonicWall’s Laurence Pingree mans the letter E in this alphabet of cybersecurity threats for 2018.

100 People You Don’t Know but Should 2018 – CRN

  • Congratulations to John Mullen, included in the CRN 2018 list.

UK and Allies Accuse Russia of Cyber Attack Campaign – ComputerWeekly

  • SonicWall CEO Bill Conner encourages global co-operation following the UK National Cyber Security Centre (NCSC) directly linking Russia with cyberattacks.

Cyber Security News

National Cybersecurity Awareness Month – Official Website

  • October marks the 15th annual National Cybersecurity Awareness Month (NCSAM). Follow the activity online using the hashtags #NCSAM and #CyberAware.

The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies – Bloomberg

  • Hardware hacks are rare but, if successful, the payoff for them can be huge. Both Amazon and Apple may have been the victim of such a hack.

Meet Torii, a New IoT Botnet Far More Sophisticated Than Mirai Variants – ZDNet

  • A very sophisticated Internet of Things botnet has been found and experts are impressed, “The author is not your average script kiddie.”

BUPA Fined $228,000 After Stolen Data Surfaces on Dark Web – BankInfoSecurity

  • British data-protection regulators are taking a dim view of companies that are not exercising good cybersecurity practices.

Gwinnett Medical Center Investigates Possible Data Breach – ZDNet

  • A security incident has led to a possible leak of patient information online.

Facebook Hack Puts Thousands of Other Sites at Risk – The New York Times

  • The Facebook hack has major implications for any site that uses Facebook as a login tool.

Malware Scam Targets Fortnite Cheaters and Their Bitcoin Wallets – CNET

  • If you’re looking to cheat at Fortnite then you are at risk of being cheated yourself.

In Case You Missed It

Top 7 Cybersecurity Tips Anyone Can Use at Home

Cybersecurity is not just a topic for enterprises, businesses and government agencies. Home users are just as vulnerable to malicious cyberattacks. As October is National Cyber Security Awareness Month (NCSAM), it’s important that home users are routinely educated about online safety. To help, we’ve compiled a list of our top seven cybersecurity tips that anybody can apply in their home.

  1. Password Use

    Passwords are your first line of defense online, and yet this is the first area where many of us fail. Who hasn’t written a password down on a Post-it note at some point? Here are the basic dos and don’ts of password usage:

    • Do not use the same password across multiple accounts. (We know you do this. Stop it. Now.)
    • Do use strong passwords. Password123 is not a good password. Neither is monkey. Or your cat’s name. In fact, don’t use any of these Top 100 Passwords.
    • Do not share your passwords.
    • Do use a password manager.
    • Do change default passwords. Many smart devices that connect to your network, such as baby monitors, printers or thermostats, may have default passwords.
  2. Safe Online Shopping
    Who doesn’t love to shop from the comfort of their own home? In a couple of clicks you can compare products and prices from multiple retailers, have products delivered to your home in a matter of hours and you can do all this while wearing your pajamas. Here’s how you can stay safe while shopping online:

    • Look for the padlock or https: Reputable websites use technologies such as SSL (Secure Sockets Layer) that encrypt data during transmission. Look for the little padlock in the address bar or a URL that starts with “https” instead of “http,” as the “s” stands for “secure.”
    • When shopping on online marketplaces like eBay, be sure to check seller reviews and reputation level before deciding to buy a product. New accounts or accounts with comments accusing the seller of being a scammer or posting fraudulent listings should be red flags.
    • Avoid shopping while using public computers or public Wi-Fi.
    • Use a credit card or payment option with online fraud protection.
  3. Recognizing Phishing Emails
    Phishing emails look like legitimate company emails and are designed to steal your information. They usually contain a link to a website that will ask for your login credentials, personal information or financial details. These websites are clever fakes designed to take your information and pass it back to the cybercrooks behind the scam.

    In general, if you are not expecting an email from that company, you should be suspicious. Other tell-tale signs of phishing emails are as follows:

    • The email is not addressed to your full name. It will use generic terms like “Dear Customer.”
    • The email contains grammatical or spelling errors.
    • The email asks for personal information.
    • The email contains urgent or threatening language.

    If you think you have received a phishing email, do not click on any links or open any attachments. To be sure, log directly into your relevant account to check for updates or messages or contact the company directly through their website.

    Take our Phishing Quiz to see if you are able to identify phishing emails.

  4. Check Your Financial Statements
    Be sure to monitor your bank accounts and credit card statements for suspicious activity on a weekly basis. If you spot something unfamiliar or see transactions that you are not aware of, it could be a sign that you are compromised.

    Report potential fraud to your bank as soon as possible by calling your bank directly and asking to be connected to the fraud department.

  5. Ransomware 101
    Do you have files on your computer that you care about? Maybe your photos from the last five years? An extensive music library? Copies of resumes, address books, course work or other documentation?

    Do you have a backup of all of that data? You should.

    Ransomware is a type of malware that infects your computer, locking files or restricting your access to the infected systems. Ransomware attacks attempt to extort money by displaying an alert to victims, typically demanding that a ransom be paid in order to restore access to your system or files.

    It’s not just businesses that are targeted by ransomware creators. In fact, home users are often an easier target as most have no data backups, a lack of awareness and little to no cyber security education.

    It all happens in a matter of seconds. You’ve clicked a link in an email or downloaded a malicious document. In a few seconds, all your data will be encrypted and you’ll have just a few days to pay hundreds of dollars to get it back. Unless you have a backup.

    So, how can you protect yourself against ransomware attacks? Here are our top 5 tips:

    • Don’t store important data only on your PC.
    • Have one or two different backups of your data. Use an external hard drive or a cloud offering.
    • Keep your operating system, virus protection and software up to date, including the latest security updates.
    • Don’t open attachments or click on links in suspicious emails. Even if you know the sender, if it doesn’t feel right, delete it.
    • Consider using an ad-blocker to avoid the threat of malicious ads.
  6. Wi-Fi Usage
    Stay safe on public Wi-Fi. In general, don’t interact with websites that require your financial or personal details while you are using public Wi-Fi. Those activities are best kept on secure home networks.
    If you are using public Wi-Fi, avoid unsecured Wi-Fi signals and, where possible, connect using a virtual private network (VPN).
  7. Stop Clicking. (or Recognizing Common Scams.)
    Did you receive an email from your bank asking you to log in and provide your Social Security number or date of birth in order to resolve an issue on your account? Don’t click it.

    PayPal emailed you warning that your account was suspended temporarily and provided you a link to update your account details? Don’t click it.

    Yay! Someone sent you a gift card out of the blue! Just log in to redeem it! Don’t click it.

    There are a lot of scams out there. But you don’t need to live in fear online, as many of them follow a similar pattern and can be avoided with a few safe practices. In general, if someone is offering you something for free, you should approach with suspicion and caution. For your financial or commercial accounts, do not click on links in emails; instead, go to the official website and log in directly to your account to check for updates.

    And check out the FBI’s list of Common Fraud Schemes.

Protecting What’s Important: How to Keep Your Family Safe from Online Threats

Online threats come in many forms. What’s most important to you dictates your online behavior and how diligently you practice online safety.

For families, protecting the identities and well-being of children is a top priority. A single person may be more concerned about social engineering or account takeover. An older couple may be worried about ransomware locking sensitive or valuable information.

Like businesses, individuals and families should use a layered approach of security controls and technology management to defend against online threats. Implement the below best practices to help protect what’s most important.

Safeguarding Children Online

First and foremost, the safety of children is top of mind for any parent. While you may trust your child, far too many people lurk online waiting to compromise children or their identities.

On social media alone, almost one out of four 8- to 11-year-olds and three out of four 12- to 15-year-olds have a profile. By age 15, 83 percent of children have their own smartphone. By that same age, nearly 99 percent are online at least 21 hours each week. That’s a lot of surface area to protect. And an almost impossible task without the child being taught to continually exercise online awareness.

“Many of today’s parents didn’t grow up in the age of hyper-connectivity, so they aren’t always quite sure how to properly educate their children about cyberawareness without invading too much of their privacy,” said Dr. Chase Cunningham, a cybersecurity industry analyst and co-founder of The Cynja, a cybersecurity education and awareness organization that designs technology and graphic novels to illustrate the importance of online safety to children.

Cunningham, a retired U.S. Navy chief with more than 19 years’ experience in cyberforensic and cyberanalytic operations, has made protecting children online a personal priority.

“It’s important to connect with kids in ways that are comfortable, engaging and effective,” said Cunningham. “While that’s certainly a daunting task, I feel the use of different media and technology — apps, characters, stories — is the smart complement to sound parental oversight. Parents should strike the right balance that works for their family and the specific behavior of their children.”

To get started, many government, non-profit organizations and tech companies provide valuable tools and resources to help empower parents to educate their children on various online threats, including sexual predators, cyberbullying, identity theft, malware prevention and more. Explore these quick-start resources:

Parental Controls, Oversight

While third-party technologies are powerful tools, parental management is still key in safeguarding children from cyber threats. Parents need access to all applications, contacts and websites their children use to communicate with large communities or unknown users — no matter how innocent or benign they appear.

Unfortunately, predators lurk everywhere kids spend time, so a certain level of strict oversight is necessary until children gain better awareness. For example, popular console games like Fortnite are being infiltrated by adults posing as children to maliciously connect with minors. The UK Child Exploitation and Online Protection (CEOP) organization even issued a warning to parents about this type of threat.

The concern spans all apps and sites. Cases involving apps like Snapchat, Instagram and WhatsApp are rampant. While the list evolves by the week, parents should routinely monitor the apps — particularly what’s new or trending — kids use to communicate online. This includes:

  • Snapchat, Facebook, Twitch
  • Instagram, Twitter, Mixer
  • Yubo, Telegram, Musical.ly
  • Bumble, WhatsApp, TikTok
  • YouTube, Sarahah, Reddit
  • Kik, Whisper, Tumblr

While policy-makers and app developers alike are doing more to control and protect underage users, data and privacy, parents should still be the primary line of defense for protecting their kids. Use this general guidance from the FBI to help safeguard children online.

  • Monitor your children’s use of the internet (and connected mobile apps)
  • Remind kids to only add people they know in real life
  • Tell your kids why it’s so important not to disclose personal information online
  • Encourage kids to choose appropriate usernames
  • Check your kids’ profiles and what they post online
  • Talk to your kids about creating strong passwords
  • Explain to your kids that once images are posted online they lose control of them and can never get them back
  • Ask your kids about the people they are communicating with online
  • Restrict your kids from posting photos or personally identifying information (PII) without first gaining your consent
  • Make it a rule with your kids that they can never give out personal information or meet anyone in person without your prior knowledge and consent
  • Instruct your kids to use privacy settings to restrict access to profiles
  • Educate yourself on the websites, software and apps that your child uses; start with the list above

‘Never Stop Patching’

Inside the home, it’s best to assign a primary manager of laptops, mobile phones and IoT devices (e.g., streaming boxes, consoles, security cameras, appliances) to ensure they are routinely updated and patched. Memorize it like a movie quote: “Never stop patching.”

Consistent patching — particularly on computers and mobile devices — is one of the most proven methods of mitigating cyberattacks. It’s for this reason that zero-day threats (i.e., not previously seen) are the most dangerous to individuals and organizations alike. Real-time solutions, such as the multi-engine Capture Advanced Threat Protection sandbox service, can identify and block known and unknown cyberattacks.

While patching hardware like routers, web cams and wireless access points isn’t always so straightforward, manufacturers and developers like Google, Microsoft and Apple have made patching a fairly common, easy-to-do practice. It’s so common, in fact, that Microsoft’s monthly patch update is unofficially named “Patch Tuesday.” The pseudo tradition has been in practice since 2003.

In many cases, operating systems have an “automatic update” option to further simplify the process. It is particularly important to protect your consumer devices and sensitive data from malware and ransomware.

Globally, the SonicWall Capture Threat Network, which includes more than 1 million sensors across the world, recorded 7.8 billion malware attacks (70 percent increase from 2017) and 238.9 million ransomware attacks (108 percent increase) year to date in 2018.

Proactive Password Management

If patching is the No. 1 best practice, proper password creation and management is No. 1B. Two-factor authentication has helped offset the use of weak passwords, but far too many people still reuse passwords across sites, services and applications. Even if they properly used strong passwords, continued re-use leaves users vulnerable to attack.

Many free and paid password management solutions include options specifically for families. Top options include Dashlane, 1Password and LastPass. While they each offer basic encrypted password creation and management, many feature tools for safely sharing passwords between authorized family members.

“Cybercriminals take advantage of people with poor password health to gain access to sensitive personal and payment information,” said Dashlane’s Eitan Katz in ‘Your Password Health Is the Key to Protecting Your Digital Identity.’ “The best way to prevent these online attacks and ensure that only you have access to your private data is to create complex, unique passwords for each account, and to change passwords that are compromised in a breach or hack immediately.”

More proactive password management services will analyze password health, suggest passwords that should be replaced, and even alert users to breached sites where they may hold an account.
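The password dos and don’ts under “Password Use” and the password-health analysis described above can be sketched as a small audit over a vault export. This is an added example, not code from SonicWall or any password manager; the sample entries, the short deny-lists and the 12-character, three-character-class threshold are all assumptions made for illustration.

```python
import hashlib
import re
from collections import defaultdict

# Constructed sample vault export (site, username, password); not real credentials.
SAMPLE_VAULT = [
    ("bank.example", "pat", "Password123"),
    ("mail.example", "pat", "Password123"),
    ("shop.example", "pat", "password123!"),
    ("babycam.local", "admin", "admin"),
    ("forum.example", "pat", "t7#Qz!m2Lw@9xVr4"),
]

# Short illustrative deny-lists (assumptions); a real audit would load full lists.
COMMON = {"password", "password123", "monkey", "123456", "qwerty", "admin", "letmein"}
DEFAULT_PAIRS = {("admin", "admin"), ("admin", "password"), ("root", "root")}


def _stem(password):
    """Lowercase and drop trailing digits/symbols so trivial variants collide."""
    lowered = password.lower()
    return re.sub(r"[\W\d_]+$", "", lowered) or lowered


def _classes(password):
    """Count how many of lower/upper/digit/symbol appear in the password."""
    patterns = (r"[a-z]", r"[A-Z]", r"\d", r"[^A-Za-z0-9]")
    return sum(bool(re.search(p, password)) for p in patterns)


def _digest(password):
    # Group by digest so the grouping tables never hold plaintext passwords.
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def audit(vault):
    """Return {"user@site": sorted list of findings} for every vault entry."""
    accounts_by_password = defaultdict(set)   # exact password -> accounts
    passwords_by_stem = defaultdict(set)      # stem -> distinct passwords
    for site, user, password in vault:
        accounts_by_password[_digest(password)].add((site, user))
        passwords_by_stem[_stem(password)].add(_digest(password))

    report = {}
    for site, user, password in vault:
        findings = set()
        if len(accounts_by_password[_digest(password)]) > 1:
            findings.add("reused")            # same password on several accounts
        if len(passwords_by_stem[_stem(password)]) > 1:
            findings.add("near-duplicate")    # e.g. Password123 vs password123!
        if password.lower() in COMMON or _stem(password) in COMMON:
            findings.add("common")            # on a known-bad list
        if (user.lower(), password.lower()) in DEFAULT_PAIRS:
            findings.add("default")           # factory username/password pair
        if len(password) < 12 or _classes(password) < 3:
            findings.add("weak")              # assumed strength threshold
        report[f"{user}@{site}"] = sorted(findings)
    return report


if __name__ == "__main__":
    for account, findings in audit(SAMPLE_VAULT).items():
        print(f"{account:22} {', '.join(findings) or 'ok'}")
```

The near-duplicate check matters because adding a digit or symbol to a reused password does not make it a different password in any useful sense; an attacker holding one breached variant will try the obvious mutations.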

Be Suspicious of Unknown Email

Even though learning how to stop phishing attacks is getting easier, email remains the No. 1 threat vector for cybercriminals. It’s the easiest and most successful approach for cybercriminals to deliver their payload to unsuspecting users or organizations.

Families may not often invest in business-grade secure email solutions, but they should practice consistent awareness about phishing email threats and email hygiene. Is your family aware of the latest email attacks? Take the SonicWall Phishing IQ Test to find out.

Be Smarter on Wi-Fi

There’s nothing more comforting than connecting to Wi-Fi when you’re on the go. It’s an addicting and predictable behavior that cybercriminals feast upon. When remote (e.g., airport, mall, coffee shop), always think three times before connecting to unknown wireless networks. Follow these best practices for ensuring safe connectivity when mobile:

  • Turn off “auto connect” features in your phone’s settings
  • Avoid free or unsecured Wi-Fi signals altogether
  • Look for spoofed Wi-Fi names similar to the location you’re visiting
  • If you must connect, use a virtual private network (VPN)

Most of this guidance has been focused on user behavior, but deploying wireless security at home — even if it’s right out of the box from your ISP — is also recommended. Users comfortable with advanced controls can also take additional steps:

  • Change SSID (Wi-Fi) name and default password
  • Create separate secure wireless network for friends and guests
  • Hide network(s) altogether
  • Limit the power and range of the wireless signal
  • Monitor connected devices through router’s management dashboard; revoke access to unknown or suspicious devices
  • Limit the types of devices connected to your network; does your dog’s water dish really need access to the internet?
